CVE-2020-8161

Directory traversal in Rack::Directory app bundled with Rack

Description

A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

8.6

Severity

High

Ecosystem

RubyGems

Publish Date

July 6, 2020

Modified Date

February 18, 2024

Score Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Affected Versions